SEARCH
All Articles
US Charges Chinese PLA Members in Equifax Breach
The Department of Justice indicted four members of China's People's Liberation Army in connection with the Equifax data breach in 2017.
Serious Bluetooth Flaw Fixed in Android Update
Google has patched a critical Bluetooth flaw in Android that could give an attacker control of a vulnerable device without any user interaction.
Malware Backdoor Campaign Targets Financial Services
An attack campaign has targeted financial services using a new type of backdoor since early January, FireEye said.
Cisco Fixes CDP Flaws in Routers, Switches
Cisco has patched five serious vulnerabilities that affect routers, switches, and IP phones and cameras with the Cisco Discovery Protocol enabled.
Web Shell Attacks Continue to Cause Problems
Web shell attacks have been on the rise in recent months, as many APT groups employ them against enterprises.
Maybe FCC Will Punish Mobile Carriers That Sold Location Data
While FCC chairman Ajit Pai said at least one wireless carrier sold location data in violation of federal law, it is far from clear whether the offending entity will face any penalties.
Sudo Flaw Grants Root Privileges
A flaw in the sudo utility could allow a local user to gain root privileges if the pwfeedback option is enabled.
Make It Harder to Phish One-Time Passcodes Sent Over SMS
A proposal that would standardize the format of SMS messages being used in two-factor authentication schemes has a simple goal: make users relying on those one-time passcodes less susceptible to phishing attacks.
For Whom the Bill Tolls: Encryption
A proposed bill by Sen. Lindsey Graham to prevent online child exploitation imagery could have a disastrous effect on end-to-end encryption.
The Growing Overlap of Disinformation and Security
Disinformation campaigns and cyber operations are intersecting more and more often, as actors become more sophisticated in their use of both tactics in their operations.
Enterprise Laptops Still Vulnerable to Memory Attacks
Attackers can exploit vulnerabilities in how laptops use memory to force the machine to execute unauthorized code while it is booting up, giving them unauthorized privileges and access to information, researchers said.
Mozilla, Google Crack Down on Malicious Browser Extensions
Google and Mozilla over the past few weeks have taken steps to remove problematic extensions and add-ons that steal user data and execute remote code.
New CacheOut Attack Impacts Latest Intel Chips
Researchers have identified yet another speculative execution attack method against Intel processors.
Better Privacy Through Collaboration
Improving online privacy for users will require a mix of technical, legislative, and regulatory approaches.
Interpol Arrests Possible Magecart Attackers in Indonesia
Three people arrested in Indonesia for using web skimmers to steal payment card details from websites may be linked to one of the groups operating under the Magecart umbrella.